Hitoshi Kokumai

7ヶ月前 · 1 分の読書時間 · visibility ~10 ·

chat 著者への問い合わせ

thumb_up 関連性 message コメント

Ignored Gravity of Secret Credentials

Ignored Gravity of Secret Credentialshe lock authenticates the key.<br />
The key authenticates the lock.<br />
<br />
  <br />
<br />
Does the key authenticate<br />
the person who holds it?


“the organisation needs to stop storing passwords in plain text” was mentioned in this report – “Poor password security at the British branch of Mensa?”      https://grahamcluley.com/poor-password-security-mensa/

It’s a conundrum – They must be conscious that they are responsible for protecting the personal information of the high-IQ members, many of whom must have a heavy social status. What sort of reasoning had led those people to store passwords in plain text? Just ignorance or indifference? Or, something else?

Anyway, this report should not be interpreted to imply that the password systems have an inherent drawback. To blame is the people who opted to not hash the passwords before storing.

We could reconfirm here that blaming the password is wrong and that secret credentials are absolutely indispensable for identity assurance that makes the foundation of safe and orderly societal life.

Ref: “Bizarre Theory of Password-lessAuthentication”


e0f259cd.jpg

< References >

Summary and Brief History - Expanded Password System

Image-to-Code Conversion by Expanded Password System

Proposition on How to Build Sustainable Digital Identity Platform

External Body Features Viewed as ‘What We Are’

 History, Current Status and Future Scenarios of Expanded Password System

Negative Security Effect of Biometrics Deployed in Cyberspace

Removal of Passwords and Its Security Effect

Availability-First Approach

Update: Questions and Answers - Expanded Password System and Related Issues (30/June/2020)



< Videos on YouTube>

Slide: Outline of Expanded Password System (3minutes 2seconds)

Demo: Simplified Operation on Smartphone for consumers (1m41s)

Demo: High-Security Operation on PC for managers (4m28s)

Demo: Simple capture and registration of pictures by users (1m26s)

Slide: Biometrics in Cyber Space - "below-one" factor authentication

< Latest Media Articles Published in 2020 Spring>

Digital Identity – Anything Used Correctly Is Useful https://www.valuewalk.com/2020/05/digital-identity-biometrics-use/

‘Easy-to-Remember’ is one thing ‘Hard-to-Forget’ is another https://www.paymentsjournal.com/easy-to-remember-is-one-thing-hard-to-forget-is-another/



thumb_up 関連性 message コメント
コメント
Zacharias 🐝 Voulgaris

Zacharias 🐝 Voulgaris

7ヶ月前 #1

In the case of Mensa, it could have been intentional (perhaps a publicity stunt, since that would be a way to lure new members). In any case, the value at stake is minimal, considering that it's a social/networking club (I'm not undermining it, just stating a fact). If a bank were to have such low standards of CS, it would be a different story. In any case, there is a reason why hashing is so popular. Why more people don't use it for password management is beyond me... Cheers

その他の記事 Hitoshi Kokumai

ブログを見る